Hmm. Either you're talking about the statistical or cryptographic aspects of randomness. If the latter, you should make it clear. If the former, this is probably the wrong forum and the answers reflect that.
–
Jason SAug 13 '11 at 1:37

Checking statistical randomness is a semi-good test. What I mean by that is that if a given PRNG does not look good statistically, then it is utterly proven to be pure junk. On the other hand, good statistical randomness does not tell you much with regards to cryptographic security. Cryptographic security is about whether the PRNG output could be predicted by a sentient attacker who knows the in and outs of your algorithm (but not its internal state). Statistical randomness is about whether the PRNG output could be predicted by a trained monkey.

"Diehard tests" used to be popular for testing non-cryptographic PRNG. During the AES competition (a dozen years ago), NIST ran them on all AES candidates, and found nothing, and the general opinion among cryptographers was that it was mostly a waste of time.

Are you saying that verification of the design should be sufficient and that statistical tests are insufficient to verify operation?
–
this.joshAug 13 '11 at 4:44

6

It does not harm to run statistical tests; if they detect a bias then you can forget your design, and restart from scratch. But almost all weak designs will pass the tests with no bias. To verify if a cryptographic algorithm is secure, the only known efficient test is to have at least a few dozen cryptographers try to break it for a few years.
–
Thomas PorninAug 13 '11 at 4:49

You can do statistical tests to check for various statistical flaws your random number generator might be subject to, but you have be aware of the fact that statistical testing cannot serve as a substitute for cryptanalysis… meaning: when it comes to cryptographic security, you’ll have to dive into cryptanalysis, like I described in another answer to a somewhat related question.

Are there other tests?

Of course… besides the Chi-squared test you already know and mentioned in your question, there are whole batteries of statistical tests available! All you have to do is to pick your favorite poison:

Dieharder – my personal favorite – incorporates all of George Marsaglia's Diehard tests, as well as all the tests from the NIST STS (Statistical Test Suite developed by the National Institute for Standards and Technology), and some additional tests developed by rgb.

Another battery of tests, comparable to Dieharder. It provides general implementations of the classical statistical tests for random number generators, as well as several others proposed in literature, and even some original ones. Some claim that – sooner or later – TestU01 will make every RNG fail at least one of it’s test, no matter what RNG you throw at it. But failing a test does not immediately indicate a flaw in the individual rng, as some tests will produce more exact results when adhering to the specific requirements of those tests (eg: feeding them enough RNG output).

This is what I would call the “old classic”. Diehard represents a battery of statistical tests, developed by George Marsaglia and first published in 1995 on a CD-ROM of random numbers. While Diehard itself may have come of age, the tests surely haven’t. Both Dieharder and TestU01 include Marsaglia’s tests.

There might be other solutions out there which may or may not be interesting to look at, but – to limit the scope to a usable level – I decided to only mention some of the (more prominent) statistical test suites.